Re: [PATCHES] Fw: Isn't pg_statistic a security hole - Solution Proposal
От | Peter Eisentraut |
---|---|
Тема | Re: [PATCHES] Fw: Isn't pg_statistic a security hole - Solution Proposal |
Дата | |
Msg-id | Pine.LNX.4.30.0106031703120.757-100000@peter.localdomain обсуждение исходный текст |
Ответы |
Re: [PATCHES] Fw: Isn't pg_statistic a security hole - Solution Proposal
|
Список | pgsql-hackers |
[ -> hackers ] Tom Lane writes: > > Will you expect the function to do dequoting etc. as well? This might get > > out of hand. > > Hm. We already have such code available for nextval(), IMHO, nextval() isn't the greatest interface in the world. I do like the alternative (deprecated?) syntax sequence.nextval() because of the notational resemblence to OO. (We might even be able to turn this into something like an SQL99 "class" feature.) As I understand it, currently relation.function(a, b, c) ends up as being a function call function(relation, a, b, c) where the first argument is "text". This is probably an unnecessary fragility, since the oid of the relation should already be known by that time. So perhaps we could change this that the first argument gets passed in an Oid. Then we'd really only need the Oid version of Joe's has_*_privilege functions. -- Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
В списке pgsql-hackers по дате отправления: